CVE-2016-1307

The Openfire server in Cisco Finesse Desktop 10.5(1) and 11.0(1) and Unified Contact Center Express 10.6(1) has a hardcoded account, which makes it easier for remote attackers to obtain access via an XMPP session, aka Bug ID CSCuw79085.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.4 MEDIUM
NETWORK
LOW
LOW
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
ciscoCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 46%
VendorProductVersion
zyxelgs1900-10hp_firmware
𝑥
< 2.50\(aazi.0\)c0
zzinckeymouse_firmware
3.08
zyxelgs1900-10hp_firmware
𝑥
< 2.50\(aazi.0\)c0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160202-fducce
http://www.securitytracker.com/id/1034920
http://www.securitytracker.com/id/1034921
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160202-fducce
http://www.securitytracker.com/id/1034920
http://www.securitytracker.com/id/1034921